We are trying to write a function on PowerPC, that, given a filename (ELF binary) and PC (program counter), returns: - 0 if the return address at the given PC is saved on stack, - 1 if the RA is still in LR and no new frame was allocated - 2 if a RA is in LR but new frame was allocated and yet to be used. Referring to 'elfutils.git/tests/addrcfi.c', we wrote this program that seems to work (i.e is consistent with 'readelf -wF) for a single a.out file: Eg: $ readelf -wF ./crc5 ---- Contents of the .debug_frame section: 00000000 0000000c ffffffff CIE "" cf=4 df=-8 ra=65 LOC CFA 0000000000000000 r1+0 00000010 00000024 00000000 FDE cie=00000000 pc=10000ca4..10000d04 LOC CFA r31 ra 0000000010000ca4 r1+0 u u >>>> 0000000010000cb4 r1+128 c-8 c+16 0000000010000cb8 r31+128 c-8 c+16 0000000010000ce8 r1+0 c-8 c+16 ---- $ ./crc5 0000000010000cb0 0000000010000cb4 ./crc5 Ret Address 0x10000cb0 is in LR Ret Address 0x10000cb1 is in LR Ret Address 0x10000cb2 is in LR Ret Address 0x10000cb3 is in LR Ret Address 0x10000cb4 is NOT in LR i.e for PC 0x10000cb3, return address is in LR, and for PC 0x10000cb4 return address is on the stack (c1+16). But I am not sure how to extend the code to work with PC value that points to, say __random(), in glibc. I have these installed: glibc-common-2.18-11.fc20.ppc64p7 glibc-2.18-11.fc20.ppc64p7 glibc-headers-2.18-11.fc20.ppc64p7 glibc-debuginfo-common-2.18-11.fc20.ppc64p7 glibc-devel-2.18-11.fc20.ppc64p7 glibc-debuginfo-2.18-11.fc20.ppc64p7 $ objdump -D /usr/lib64/libc-2.18.so .... 00000080a7be3bf0 <.__random>: 80a7be3bf0: 7c 08 02 a6 mflr r0 80a7be3bf4: fb e1 ff f8 std r31,-8(r1) 80a7be3bf8: 60 00 00 00 nop 80a7be3bfc: 39 00 00 01 li r8,1 80a7be3c00: 3b e2 9a f0 addi r31,r2,-25872 80a7be3c04: 39 40 00 00 li r10,0 80a7be3c08: f8 01 00 10 std r0,16(r1) 80a7be3c0c: f8 21 ff 71 stdu r1,-144(r1) 80a7be3c10: 7d 20 f8 29 lwarx r9,0,r31,1 80a7be3c14: 7c 09 50 00 cmpw r9,r10 80a7be3c18: 40 82 00 0c bne 80a7be3c24 <.__random+0x34> 80a7be3c1c: 7d 00 f9 2d stwcx. r8,0,r31 >>>> 80a7be3c20: 40 c2 ff f0 bne- 80a7be3c10 <.__random+0x20> .... $ ./crc5 80a7be3c20 80a7be3c20 /usr/lib64/libc-2.18.so Error dwarf_cfi_addrframe(): : no matching address range Error with addr 0x80a7be3c20 $ ./crc5 80a7be3c20 80a7be3c20 /usr/lib/debug/lib64/libc.so.6.debug Error dwfl_addrmodule: no error Error with addr 0x80a7be3c20 Pls find the code attached. Appreciate any comments on how to extend it to work with split debug info files. Sukadev